I work in a small company with one office in Dallas and another in Los Angeles. We run a Fedora server at our Dallas location and use a Linksys RV042 at each location to create a VPN connection between the sites.

Every time the power or internet goes out in Dallas, our server is inaccessible so the entire company goes down. Because of this, we would like to use a shared server in the cloud (something like Linode) to avoid this problem.

As a relative novice to VPN configurations, I would like to know if it is possible to set up a software VPN on the cloud server and connect our local networks in Dallas and LA to that VPN. I've read about OpenVPN and SSH VPNs, but I don't know which is the best option.

Could anyone with some experience point me in the right direction on the right combination of software VPN and hardware for this? We're open to new hardware to make this happen.

The question is what services you will run in the cloud server? Depending on that, you may not need the VPN server at all.
– golja Jul 6 '12 at 1:14

The server runs a software package that all users in the company connect to. Because the data is not public, and because every user in the company needs to connect to the server, we need the VPN to network the server to the local computers.
– Neal L Jul 6 '12 at 1:18

Based on your description, you were using the VPN tunnel on the router side so that the other office could access the server, but once it is in the cloud this is not necessary anymore. The main function of a VPN is to securely connect private networks through a public infrastructure. So in your case that is not necessary anymore, because you will be in a cloud. But if you still wanna use it as an extra secure layer, you should use some different solution like Amazon Virtual Private Cloud, or bind the application to localhost and use an auth SSH tunnel, but that can be annoying to maintain.
– golja Jul 6 '12 at 2:00

Why have you discounted OpenVPN? It's the perfect solution to this problem, IMO, and one that I've deployed a great many times.
– womble Jul 6 '12 at 5:21

@golja VPN is absolutely needed in a cloud environment, especially if the goal is to keep internal server resources off of the public internet, while still being able to access them as if they were on a local LAN.
– Joshua Jul 6 '12 at 5:47

1 Answer

To be clear, generally if the Internet goes down in Dallas, at least the Dallas office will be offline whether your server is in "the cloud" or not. (VPN relies on Internet)

The short answer is setting up a VPN connection to any external server is relatively straightforward if you are already technically familiar with some details of networking and server config. Amazon Web Services even has a concept called "Virtual Private Cloud" (http://aws.amazon.com/vpc/) which gets you a server environment with VPN access baked in. Most other hosting companies might make it a little more difficult to set one up because of the hoops you'll need to work through to get networking set up right.

We have several AWS servers that we use OpenVPN with, as well as a couple (ve) servers from MediaTemple.

Perhaps as a side note (but related to solving uptime issues), "the cloud" you refer to with Linode is not actually a "cloud." It's just a single virtual instance that they are giving you, probably one of many instances on a single physical 'host'. If the virtual instance goes down, or the host server goes down, or the physical network connection to the host server gets severed, you still face the same downtime issues that you would with a normal server. Granted that is significantly less risky than hosting in your own office (generally), but bear that in mind.

In my humble opinion (and I emphasize the "humble," because this is more of a perception of mine), a real "cloud" should really be composed of a cluster-like environment with CDN, redundancy, backup, and failover capabilities from multiple locations, thereby reducing (as much as possible) the risk of downtime. Obviously even in this environment there will be single points of failure, but again - it's all about reducing risk.
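A sketch of the hub-and-spoke layout discussed in this thread (cloud host as OpenVPN server, one gateway per office as client), added here as an example and not part of the answer above. The subnets, the `dallas-gw`/`la-gw` certificate names, the key file names and the presence of a Linux gateway at each office running the OpenVPN client are all assumptions; the script refuses to emit configs when the office LANs overlap, which is what happens when both routers keep the same default LAN range.

```python
import ipaddress

# Constructed addressing plan (assumption): none of these values come from the page.
TUNNEL = ipaddress.ip_network("10.8.0.0/24")
SITES = {
    "dallas": ipaddress.ip_network("192.168.10.0/24"),
    "la": ipaddress.ip_network("192.168.20.0/24"),
}

def find_overlaps(tunnel, sites):
    """Return pairs of names whose networks overlap; routing breaks if any do."""
    nets = [("tunnel", tunnel)] + sorted(sites.items())
    return [(a, b) for i, (a, na) in enumerate(nets)
            for b, nb in nets[i + 1:] if na.overlaps(nb)]

def mask(net):
    """OpenVPN directives take 'network netmask', not CIDR notation."""
    return f"{net.network_address} {net.netmask}"

def build_configs(tunnel, sites):
    """Return {filename: text} for the cloud server and one ccd file per office."""
    clashes = find_overlaps(tunnel, sites)
    if clashes:
        raise ValueError(f"overlapping networks, renumber first: {clashes}")
    server = [
        "port 1194", "proto udp", "dev tun", "topology subnet",
        f"server {mask(tunnel)}",
        "ca ca.crt", "cert server.crt", "key server.key", "dh dh.pem",
        "client-config-dir ccd",   # per-office files, matched by certificate CN
        "client-to-client",        # let Dallas and LA reach each other via the hub
        "keepalive 10 60", "persist-key", "persist-tun",
    ]
    files = {}
    for name, lan in sorted(sites.items()):
        server.append(f"route {mask(lan)}")          # kernel route on the server
        server.append(f'push "route {mask(lan)}"')   # advertise the LAN to clients
        # iroute tells the OpenVPN server which client sits in front of this LAN
        files[f"ccd/{name}-gw"] = f"iroute {mask(lan)}\n"
    files["server.conf"] = "\n".join(server) + "\n"
    return files

if __name__ == "__main__":
    for path, text in build_configs(TUNNEL, SITES).items():
        print(f"# ---- {path} ----\n{text}")
```

With this layout the application on the cloud host can listen on its tunnel address only, so it is reachable from both office LANs but not from the public interface.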

@womble AWS could be considered a "cloud" in that it is a large set of servers (about 500,000 if some guesses are correct), upon which one could set up multiple instances of their own which meet my "description." I'm sure you could do the same thing with Linode or any other hosting company that exposes means of explicitly positioning virtual instances in different geographical datacenters or regions.
– Joshua Jul 6 '12 at 5:45

So why do you say "Linode is not actually a 'cloud'"? You haven't identified any of the ways in which Linode and AWS actually differ, except perhaps raw hardware count (and if that's your definition, please provide the number at which a provider can claim "cloud" status)
– womble Jul 6 '12 at 5:51

@Joshua yeah, we have a similar concept about "cloud", but unfortunately the cloud from today is not that :)
– golja Jul 6 '12 at 6:47

@womble My comments are an attempt to address the perception of the "cloud" vs traditional web hosting especially where reliability and uptime are concerned. AWS does have "cloud" services with their DynamoDB, RDS, EMR, S3, EBS etc. where your data or processing isn't fixed to any specific instance. Rather, it's spread across multiple servers in the "cloud".
– Joshua Jul 6 '12 at 14:15